Mobile electronic devices such as personal digital assistants (PDAs) and digital cellular telephones are increasingly used for electronic commerce (e-commerce) and mobile commerce (m-commerce). Programs that execute on the mobile devices to implement e-commerce and/or m-commerce functionality may need to operate in a secure mode to reduce the likelihood of attacks by malicious programs (e.g., virus programs) and to protect sensitive data.
For security reasons, at least some processors provide two levels of operating privilege: a first level of privilege for user programs; and a higher level of privilege for use by the operating system. The higher level of privilege may or may not provide adequate security, however, for m-commerce and e-commerce, given that this higher level relies on proper operation of operating systems with highly publicized vulnerabilities. In order to address security concerns, some mobile equipment manufacturers implement yet another third level of privilege, or secure mode, that places less reliance on corruptible operating system programs, and more reliance on hardware-based monitoring and control of the secure mode. An example of one such system may be found in U.S. Patent Publication No. 2003/0140245, entitled “Secure Mode for Processors Supporting MMU and Interrupts.”
In addition to this secure mode, various hardware-implemented security firewalls and other security monitoring components have been added to the processing systems used in mobile electronic devices to further reduce the vulnerability to attacks. Despite this addition of security protection in the processing hardware, mobile electronic devices remain vulnerable to a common software security attack known generically as “stack buffer overflow.” In a stack buffer overflow attack, executable code is written on an execution stack and the return address of a currently executing function is modified so that it will point to the beginning of this new code. When the function call returns, the attacker's code is executed.